Sometimes, the caller is going to want to hash things for themselves.
(Notably, site.c will want to hash the advertisements of public key
set updates.)
The hash to be used should be the one used by the signature scheme, as
that has the same security properties.
In rsa.c this moves the hash_if from common to ops, and it is now
convenient to abolish rsa_hash which is a pointless veneer over
hash_hash.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
#define mpp(s,n) do { char *p = mpz_get_str(NULL,16,n); printf("%s 0x%sL\n", s, p); free(p); } while (0)
struct rsacommon {
#define mpp(s,n) do { char *p = mpz_get_str(NULL,16,n); printf("%s 0x%sL\n", s, p); free(p); } while (0)
struct rsacommon {
static const char *hexchars="0123456789abcdef";
static const char *hexchars="0123456789abcdef";
-static void rsa_sethash(struct rsacommon *c, struct hash_if *hash)
+static void rsa_sethash(struct rsacommon *c, struct hash_if *hash,
+ const struct hash_if **in_ops)
{
free(c->hashbuf);
c->hashbuf=safe_malloc(hash->hlen, "generate_msg");
{
free(c->hashbuf);
c->hashbuf=safe_malloc(hash->hlen, "generate_msg");
}
static void rsa_pub_sethash(void *sst, struct hash_if *hash)
{
struct rsapub *st=sst;
}
static void rsa_pub_sethash(void *sst, struct hash_if *hash)
{
struct rsapub *st=sst;
- rsa_sethash(&st->common, hash);
+ rsa_sethash(&st->common, hash, &st->ops.hash);
}
static void rsa_priv_sethash(void *sst, struct hash_if *hash)
{
struct rsapriv *st=sst;
}
static void rsa_priv_sethash(void *sst, struct hash_if *hash)
{
struct rsapriv *st=sst;
- rsa_sethash(&st->common, hash);
-}
-static void rsa_hash(struct rsacommon *c, const uint8_t *buf, int32_t len)
-{
- hash_hash(c->hashi,buf,len,c->hashbuf);
+ rsa_sethash(&st->common, hash, &st->ops.hash);
}
static void emsa_pkcs1(MP_INT *n, MP_INT *m,
}
static void emsa_pkcs1(MP_INT *n, MP_INT *m,
mpz_init(&a);
mpz_init(&b);
mpz_init(&a);
mpz_init(&b);
- rsa_hash(&st->common,data,datalen);
+ hash_hash(st->ops.hash,data,datalen,st->common.hashbuf);
/* Construct the message representative. */
/* Construct the message representative. */
- emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->hlen);
+ emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->ops.hash->hlen);
/*
* Produce an RSA signature (a^d mod n) using the Chinese
/*
* Produce an RSA signature (a^d mod n) using the Chinese
mpz_init(&b);
mpz_init(&c);
mpz_init(&b);
mpz_init(&c);
- rsa_hash(&st->common,data,datalen);
- emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->common.hashi->hlen);
+ hash_hash(st->ops.hash,data,datalen,st->common.hashbuf);
+ emsa_pkcs1(&st->n, &a, st->common.hashbuf, st->ops.hash->hlen);
/* Terminate signature with a '0' - already checked that this will fit */
int save = sig->start[sig->len];
/* Terminate signature with a '0' - already checked that this will fit */
int save = sig->start[sig->len];
st->common.hashbuf=NULL;
st->ops.unpick=rsa_sig_unpick;
st->ops.check=rsa_sig_check;
st->common.hashbuf=NULL;
st->ops.unpick=rsa_sig_unpick;
st->ops.check=rsa_sig_check;
st->loc=loc;
i=list_elem(args,0);
st->loc=loc;
i=list_elem(args,0);
st->ops.sethash=rsa_priv_sethash;
st->common.hashbuf=NULL;
st->ops.sign=rsa_sign;
st->ops.sethash=rsa_priv_sethash;
st->common.hashbuf=NULL;
st->ops.sign=rsa_sign;
st->loc=loc;
/* Argument is filename pointing to SSH1 private key file */
st->loc=loc;
/* Argument is filename pointing to SSH1 private key file */
const struct alg_msg_data *sig);
struct sigpubkey_if {
void *st;
const struct alg_msg_data *sig);
struct sigpubkey_if {
void *st;
- sig_sethash_fn *sethash; /* must be called before check, if non-0 */
+ sig_sethash_fn *sethash; /* must be called before use, if non-0 */
sig_unpick_fn *unpick;
sig_checksig_fn *check;
sig_unpick_fn *unpick;
sig_checksig_fn *check;
+ const struct hash_if *hash;
};
/* SIGPRIVKEY interface */
};
/* SIGPRIVKEY interface */
struct buffer_if *msg);
struct sigprivkey_if {
void *st;
struct buffer_if *msg);
struct sigprivkey_if {
void *st;
- sig_sethash_fn *sethash; /* must be called before sign, if non-0 */
+ sig_sethash_fn *sethash; /* must be called before use, if non-0 */
+ const struct hash_if *hash;